Bug 1156274 - [abrt] Crash under g_network_address_address_enumerator_next()
Summary: [abrt] Crash under g_network_address_address_enumerator_next()
Keywords:
Status: CLOSED EOL
Alias: None
Product: Fedora
Classification: Fedora
Component: glib2
Version: 22
Hardware: x86_64
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Matthias Clasen
QA Contact: Fedora Extras Quality Assurance
URL: https://retrace.fedoraproject.org/faf...
Whiteboard: abrt_hash:136e46830fbf4983de85965fd71...
: 1186295 1218694 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-10-24 04:02 UTC by Cosimo Cecchi
Modified: 2016-07-19 12:16 UTC (History)
9 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2016-07-19 12:16:12 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)
File: backtrace (57.13 KB, text/plain)
2014-10-24 04:02 UTC, Cosimo Cecchi
no flags Details
File: cgroup (190 bytes, text/plain)
2014-10-24 04:02 UTC, Cosimo Cecchi
no flags Details
File: core_backtrace (5.07 KB, text/plain)
2014-10-24 04:02 UTC, Cosimo Cecchi
no flags Details
File: dso_list (24.62 KB, text/plain)
2014-10-24 04:02 UTC, Cosimo Cecchi
no flags Details
File: environ (1.03 KB, text/plain)
2014-10-24 04:02 UTC, Cosimo Cecchi
no flags Details
File: exploitable (82 bytes, text/plain)
2014-10-24 04:02 UTC, Cosimo Cecchi
no flags Details
File: limits (1.29 KB, text/plain)
2014-10-24 04:02 UTC, Cosimo Cecchi
no flags Details
File: maps (122.50 KB, text/plain)
2014-10-24 04:02 UTC, Cosimo Cecchi
no flags Details
File: open_fds (2.65 KB, text/plain)
2014-10-24 04:02 UTC, Cosimo Cecchi
no flags Details
File: proc_pid_status (948 bytes, text/plain)
2014-10-24 04:02 UTC, Cosimo Cecchi
no flags Details
File: var_log_messages (7.32 KB, text/plain)
2014-10-24 04:02 UTC, Cosimo Cecchi
no flags Details

Description Cosimo Cecchi 2014-10-24 04:02:47 UTC
Version-Release number of selected component:
evolution-3.12.6-1.fc21

Additional info:
reporter:       libreport-2.3.0
backtrace_rating: 4
cmdline:        evolution mailto:?subject=SELinux%20is%20preventing%20/usr/bin/totem%2Dvideo%2Dthumbnailer%20from%20write%20access%20on%20the%20directory%20/home/cosimoc/jhbuild/install/%5Fjhbuild.&body=SELinux%20is%20preventing%20/usr/bin/totem%2Dvideo%2Dthumbnailer%20from%20write%20access%20on%20the%20directory%20/home/cosimoc/jhbuild/install/%5Fjhbuild.%0D%0A%0D%0A%2A%2A%2A%2A%2A%20%20Plugin%20catchall%20%28100.%20confidence%29%20suggests%20%20%20%2A%2A%2A%2A%2A%2A%2A%2A%2A%2A%2A%2A%2A%2A%2A%2A%2A%2A%2A%2A%2A%2A%2A%2A%2A%2A%0D%0A%0D%0AIf%20you%20believe%20that%20totem%2Dvideo%2Dthumbnailer%20should%20be%20allowed%20write%20access%20on%20the%20%5Fjhbuild%20directory%20by%20default.%0D%0AThen%20you%20should%20report%20this%20as%20a%20bug.%0D%0AYou%20can%20generate%20a%20local%20policy%20module%20to%20allow%20this%20access.%0D%0ADo%0D%0Aallow%20this%20access%20for%20now%20by%20executing:%0D%0A%23%20grep%20totem%2Dvideo%2Dthu%20/var/log/audit/audit.log%20%7C%20audit2allow%20%2DM%20mypol%0D%0A%23%20semodule%20%2Di%20mypol.pp%0D%0A%0D%0AAdditional%20Information:%0D%0ASource%20Context%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20unconfined%5Fu:unconfined%5Fr:thumb%5Ft:s0%2Ds0:c0.c1023%0D%0ATarget%20Context%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20unconfined%5Fu:object%5Fr:user%5Fhome%5Ft:s0%0D%0ATarget%20Objects%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20/home/cosimoc/jhbuild/install/%5Fjhbuild%20[%20dir%20%5D%0D%0ASource%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20totem%2Dvideo%2Dthu%0D%0ASource%20Path%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20/usr/bin/totem%2Dvideo%2Dthumbnailer%0D%0APort%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20<Unknown>%0D%0AHost%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20yoga%0D%0ASource%20RPM%20Packages%20%20%20%20%20%20%20%20%20%20%20totem%2D3.13.92%2D1.fc21.x86%5F64%0D%0ATarget%20RPM%20Packages%20%20%20%20%20%20%20%20%20%20%20%0D%0APolicy%20RPM%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20selinux%2Dpolicy%2D3.13.1%2D79.fc21.noarch%0D%0ASelinux%20Enabled%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20True%0D%0APolicy%20Type%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20targeted%0D%0AEnforcing%20Mode%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Enforcing%0D%0AHost%20Name%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20yoga%0D%0APlatform%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Linux%20yoga%203.16.2%2D301.fc21.x86%5F64%20%231%20SMP%20Thu%20Sep%0D%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%2011%2012:45:29%20UTC%202014%20x86%5F64%20x86%5F64%0D%0AAlert%20Count%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%201%0D%0AFirst%20Seen%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%202014%2D09%2D16%2022:21:41%20PDT%0D%0ALast%20Seen%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%202014%2D09%2D16%2022:21:41%20PDT%0D%0ALocal%20ID%20%20%20%20%20%20%20%20%20%20%20%20%20%20%0%20%20%20%20%20%20%20f502b640%2Dbbce%2D4d00%2D8bdd%2D229f889ed7ff%0D%0A%0D%0ARaw%20Audit%20Messages%0D%0Atype=AVC%20msg=audit%281410931301.125:716%29:%20avc:%20%20denied%20%20%7B%20write%20%7D%20for%20%20pid=27231%20comm=%22totem%2Dvideo%2Dthu%22%20name=%22%5Fjhbuild%22%20dev=%22sda11%22%20ino=9961955%20scontext=unconfined%5Fu:unconfined%5Fr:thumb%5Ft:s0%2Ds0:c0.c1023%20tcontext=unconfined%5Fu:object%5Fr:user%5Fhome%5Ft:s0%20tclass=dir%20permissive=0%0D%0A%0D%0A%0D%0Atype=SYSCALL%20msg=audit%281410931301.125:716%29:%20arch=x86%5F64%20syscall=open%20success=no%20exit=EACCES%20a0=1668950%20a1=c2%20a2=180%20a3=1%20items=0%20ppid=27053%20pid=27231%20auid=1000%20uid=1000%20gid=1000%20euid=1000%20suid=1000%20fsuid=1000%20egid=1000%20sgid=1000%20fsgid=1000%20tty=pts0%20ses=1%20comm=totem%2Dvideo%2Dthu%20exe=/usr/bin/totem%2Dvideo%2Dthumbnailer%20subj=unconfined%5Fu:unconfined%5Fr:thumb%5Ft:s0%2Ds0:c0.c1023%20key=%28null%29%0D%0A%0D%0AHash:%20totem%2Dvideo%2Dthu%2Cthumb%5Ft%2Cuser%5Fhome%5Ft%2Cdir%2Cwrite
crash_function: g_type_check_instance_is_fundamentally_a
executable:     /usr/bin/evolution
kernel:         3.16.2-301.fc21.x86_64
runlevel:       N 5
type:           CCpp
uid:            1000

Truncated backtrace:
Thread no. 1 (10 frames)
 #0 g_type_check_instance_is_fundamentally_a at gtype.c:3981
 #2 g_list_foreach at glist.c:993
 #3 g_list_free_full at glist.c:217
 #4 g_network_address_address_enumerator_next at gnetworkaddress.c:873
 #5 g_proxy_address_enumerator_next at gproxyaddressenumerator.c:210
 #6 g_socket_client_connect at gsocketclient.c:1011
 #7 network_service_connect_sync at camel-network-service.c:638
 #8 imapx_connect_to_server at camel-imapx-server.c:4459
 #9 imapx_reconnect at camel-imapx-server.c:4855
 #10 camel_imapx_server_connect at camel-imapx-server.c:8212

Comment 1 Cosimo Cecchi 2014-10-24 04:02:50 UTC
Created attachment 950205 [details]
File: backtrace

Comment 2 Cosimo Cecchi 2014-10-24 04:02:51 UTC
Created attachment 950206 [details]
File: cgroup

Comment 3 Cosimo Cecchi 2014-10-24 04:02:51 UTC
Created attachment 950207 [details]
File: core_backtrace

Comment 4 Cosimo Cecchi 2014-10-24 04:02:52 UTC
Created attachment 950208 [details]
File: dso_list

Comment 5 Cosimo Cecchi 2014-10-24 04:02:53 UTC
Created attachment 950209 [details]
File: environ

Comment 6 Cosimo Cecchi 2014-10-24 04:02:53 UTC
Created attachment 950210 [details]
File: exploitable

Comment 7 Cosimo Cecchi 2014-10-24 04:02:54 UTC
Created attachment 950211 [details]
File: limits

Comment 8 Cosimo Cecchi 2014-10-24 04:02:55 UTC
Created attachment 950212 [details]
File: maps

Comment 9 Cosimo Cecchi 2014-10-24 04:02:56 UTC
Created attachment 950213 [details]
File: open_fds

Comment 10 Cosimo Cecchi 2014-10-24 04:02:57 UTC
Created attachment 950214 [details]
File: proc_pid_status

Comment 11 Cosimo Cecchi 2014-10-24 04:02:57 UTC
Created attachment 950215 [details]
File: var_log_messages

Comment 12 Milan Crha 2014-10-24 05:58:06 UTC
Thanks for a bug report. I tried to reproduce this, but no luck for me. The var_log_messages seem to be a month old, thus I guess there had been no related runtime warnings for the crash.

The backtrace suggests that the crash happened in GSocket function, which is not under Evolution's control, unless the crash being caused by some memory corruption, which I cannot distinguish.

Are you able to reproduce this?

Comment 13 Andre Klapper 2015-01-30 11:36:21 UTC
According to ABRT I ran into this with 3.12.10-1 on F21; manually trying to force client-side filtering of some messages in my GMail IMAP inbox after getting some random cryptic errors displayed beforehand.

Comment 14 Milan Crha 2015-02-04 14:10:37 UTC
What do your filters do, please? Maybe there happened a memory corruption during the filter run.

Comment 15 Milan Crha 2015-02-04 14:11:46 UTC
*** Bug 1186295 has been marked as a duplicate of this bug. ***

Comment 16 Andre Klapper 2015-02-05 01:03:23 UTC
(In reply to Milan Crha from comment #14)
> What do your filters do, please?

Basically: Setting labels, marking as read, moving to a subfolder.

Comment 17 Milan Crha 2015-05-06 04:51:33 UTC
*** Bug 1218694 has been marked as a duplicate of this bug. ***

Comment 18 Christian Kirbach 2015-05-06 06:35:18 UTC
I am not sure how I triggered this.

laptop went into suspend mode aLter closing the lid. the crash probably happened seconds after I opened the lid.
Evolution has an IMAP and an ews account configured.
My filters just move or delete messages.

Comment 19 Milan Crha 2015-05-06 07:51:25 UTC
This seems to be crashing deep in the GLib code, thus I move this there. I checked evolution's code and it references the connectable object when using it, thus it might not be a use-after-free on the evolution side, a least not by the code reading.

I'm fine if GLib developers will point me into an error in the evolution code and return the bug back there, I only miss enough knowledge of the GLib code to know what happened here and where to focus.

Comment 20 Fedora End Of Life 2016-07-19 12:16:12 UTC
Fedora 22 changed to end-of-life (EOL) status on 2016-07-19. Fedora 22 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this
bug.

Thank you for reporting this bug and we are sorry it could not be fixed.


Note You need to log in before you can comment on or make changes to this bug.